diff options
| author | tb <> | 2022-11-23 07:37:06 +0000 |
|---|---|---|
| committer | tb <> | 2022-11-23 07:37:06 +0000 |
| commit | 11e94872e32d80fdc1f0c80d7e4558f7906ca3e5 (patch) | |
| tree | fd2fbc5b88cd91eb1f161159fd59791f743e0733 /src/lib | |
| parent | d54bf743ec5803b144b5355fbd19c0ae0a7fa2d6 (diff) | |
| download | openbsd-11e94872e32d80fdc1f0c80d7e4558f7906ca3e5.tar.gz openbsd-11e94872e32d80fdc1f0c80d7e4558f7906ca3e5.tar.bz2 openbsd-11e94872e32d80fdc1f0c80d7e4558f7906ca3e5.zip | |
Fix leaks in ecx_set_{priv,pub}_key()
When ecx_key_set_{priv,pub}() fails, ecx_key is leaked.
CID 377014
From jsing
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libcrypto/ec/ecx_methods.c | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/src/lib/libcrypto/ec/ecx_methods.c b/src/lib/libcrypto/ec/ecx_methods.c index 8829d8fdbc..4de7f1565e 100644 --- a/src/lib/libcrypto/ec/ecx_methods.c +++ b/src/lib/libcrypto/ec/ecx_methods.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ecx_methods.c,v 1.2 2022/11/19 07:00:57 tb Exp $ */ | 1 | /* $OpenBSD: ecx_methods.c,v 1.3 2022/11/23 07:37:06 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2022 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2022 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -511,18 +511,18 @@ ecx_sign_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) | |||
| 511 | static int | 511 | static int |
| 512 | ecx_set_priv_key(EVP_PKEY *pkey, const uint8_t *priv, size_t len) | 512 | ecx_set_priv_key(EVP_PKEY *pkey, const uint8_t *priv, size_t len) |
| 513 | { | 513 | { |
| 514 | struct ecx_key_st *ecx_key; | 514 | struct ecx_key_st *ecx_key = NULL; |
| 515 | int ret = 0; | 515 | int ret = 0; |
| 516 | 516 | ||
| 517 | if (priv == NULL || len != ecx_key_len(pkey->ameth->pkey_id)) { | 517 | if (priv == NULL || len != ecx_key_len(pkey->ameth->pkey_id)) { |
| 518 | ECerror(EC_R_INVALID_ENCODING); | 518 | ECerror(EC_R_INVALID_ENCODING); |
| 519 | return 0; | 519 | goto err; |
| 520 | } | 520 | } |
| 521 | 521 | ||
| 522 | if ((ecx_key = ecx_key_new(pkey->ameth->pkey_id)) == NULL) | 522 | if ((ecx_key = ecx_key_new(pkey->ameth->pkey_id)) == NULL) |
| 523 | return 0; | 523 | goto err; |
| 524 | if (!ecx_key_set_priv(ecx_key, priv, len)) | 524 | if (!ecx_key_set_priv(ecx_key, priv, len)) |
| 525 | return 0; | 525 | goto err; |
| 526 | if (!EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, ecx_key)) | 526 | if (!EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, ecx_key)) |
| 527 | goto err; | 527 | goto err; |
| 528 | ecx_key = NULL; | 528 | ecx_key = NULL; |
| @@ -538,18 +538,18 @@ ecx_set_priv_key(EVP_PKEY *pkey, const uint8_t *priv, size_t len) | |||
| 538 | static int | 538 | static int |
| 539 | ecx_set_pub_key(EVP_PKEY *pkey, const uint8_t *pub, size_t len) | 539 | ecx_set_pub_key(EVP_PKEY *pkey, const uint8_t *pub, size_t len) |
| 540 | { | 540 | { |
| 541 | struct ecx_key_st *ecx_key; | 541 | struct ecx_key_st *ecx_key = NULL; |
| 542 | int ret = 0; | 542 | int ret = 0; |
| 543 | 543 | ||
| 544 | if (pub == NULL || len != ecx_key_len(pkey->ameth->pkey_id)) { | 544 | if (pub == NULL || len != ecx_key_len(pkey->ameth->pkey_id)) { |
| 545 | ECerror(EC_R_INVALID_ENCODING); | 545 | ECerror(EC_R_INVALID_ENCODING); |
| 546 | return 0; | 546 | goto err; |
| 547 | } | 547 | } |
| 548 | 548 | ||
| 549 | if ((ecx_key = ecx_key_new(pkey->ameth->pkey_id)) == NULL) | 549 | if ((ecx_key = ecx_key_new(pkey->ameth->pkey_id)) == NULL) |
| 550 | return 0; | 550 | goto err; |
| 551 | if (!ecx_key_set_pub(ecx_key, pub, len)) | 551 | if (!ecx_key_set_pub(ecx_key, pub, len)) |
| 552 | return 0; | 552 | goto err; |
| 553 | if (!EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, ecx_key)) | 553 | if (!EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, ecx_key)) |
| 554 | goto err; | 554 | goto err; |
| 555 | ecx_key = NULL; | 555 | ecx_key = NULL; |